Hi,

Nikos Vassiliadis wrote:
Sebastiaan van Erk wrote:
Julien Cigar wrote:

Maybe you've to do ARP Proxy on one side ? Try to add an ARP entry in
the ARP table with arp (arp -s 1.2.3.4 MAC foo) ..

Thanks for the suggestion.

Ok, static arp works: that is, if I take the carp1 mac address and add it to the arp table using:

 arp -s 10.0.80.74 00:00:5e:00:01:02 pub

The ping starts to work. I'm still a bit confused why I have to do this though, because I can ping the non-shared IP 10.0.80.77 from the VPN client (via tap0) without any static arp, and I can ping the shared VIP (10.0.80.74) from clients on the physical network (em1) as well without any static arp. It's only when the ping it has to cross the bridge that it's an issue.

Does it make any difference if you set the IP address on the bridge0
iface and not on the physical one?

I recall that the recommended setup is to use IP addresses on
the bridge interface and leave the members of the bridge IPless.

Nikos

Thanks for the suggestion. I tried it, but unfortunately the carp device never leaves the INIT state when I put the ip on the bridge. :-( I did find some similar problem here:

http://www.freebsd.org/cgi/query-pr.cgi?pr=125816

Regards,
Sebastiaan

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to